VMware vmnat.exe/vmnet-natd Multiple FTP Command Remote Overflow

Critical Nessus Plugin ID 20729


It is possible to execute code on the remote system.


According to its version number, the VMware program on the remote host may allow an attacker to execute code on the system hosting the VMware instance.

The vulnerability can be exploited by sending specially crafted FTP PORT and EPRT requests.

To be exploitable, the VMware system must be configured to use NAT networking.


Upgrade to :

- VMware Workstation 5.5.1 or higher
- VMware Workstation 4.5.2 or higher
- VMware Player 1.0.1 or higher
- VMware GSX Server 3.2.1 or higher.

See Also


Plugin Details

Severity: Critical

ID: 20729

File Name: vmware_remote.nasl

Version: $Revision: 1.17 $

Type: local

Agent: windows

Family: Windows

Published: 2006/01/16

Modified: 2013/02/10

Dependencies: 13855

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 8.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:U/RC:C

Vulnerability Information

CPE: cpe:/a:vmware:vmware_player, cpe:/a:vmware:vmware_workstation, cpe:/a:vmware:gsx_server

Required KB Items: SMB/Registry/Enumerated

Exploit Available: false

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 2005/12/20

Reference Information

CVE: CVE-2005-4459

BID: 15998

OSVDB: 22006